Hey guys, so today I will share with you an issue that a client of mine had with the WhatsApp.

+

+

The problem was in the beginning the client did not want the employees connect to the WhatsApp, but as the things changed we needed to enable the access to WhatsApp only to a bunch of employees using iptables controlling by ip address.

+

+

The mobile phone has an reservation on the dhcp and we allow only these ips on the iptables.

+

+

The first step is get the cird from WhatsApp on the website https://​www.whatsapp.com/​cidr.txt here I shall allow only the ipv4 protocol.

+

+

Now we need to create the structure to store the firewall configuration such as

+

<sxh bash>

+

mkdir /​etc/​firewall

+

</​sxh>​

+

+

Now we need to create the file to store the WhatsApp cird

+

<sxh bash>

+

vim /​etc/​firewall/​whatsapp_cidr

+

# /​etc/​firewall/​whatsapp_cidr

+

31.13.64.51/​32

+

31.13.65.49/​32

+

31.13.66.49/​32

+

31.13.67.51/​32

+

31.13.68.52/​32

+

31.13.69.240/​32

+

31.13.70.49/​32

+

31.13.71.49/​32

+

31.13.72.52/​32

+

31.13.73.49/​32

+

31.13.74.49/​32

+

31.13.75.52/​32

+

31.13.76.81/​32

+

31.13.77.49/​32

+

31.13.78.53/​32

+

31.13.79.195/​32

+

31.13.80.53/​32

+

31.13.81.53/​32

+

31.13.82.51/​32

+

31.13.83.51/​32

+

31.13.84.51/​32

+

31.13.85.51/​32

+

31.13.86.51/​32

+

31.13.87.51/​32

+

31.13.88.49/​32

+

31.13.90.51/​32

+

31.13.91.51/​32

+

31.13.92.52/​32

+

31.13.93.51/​32

+

31.13.95.63/​32

+

50.22.198.204/​30

+

50.22.210.32/​30

+

50.22.210.128/​27

+

50.22.225.64/​27

+

50.22.235.248/​30

+

50.22.240.160/​27

+

50.23.90.128/​27

+

50.97.57.128/​27

+

64.233.190.0/​24

+

75.126.39.32/​27

+

108.168.174.0/​27

+

108.168.176.192/​26

+

108.168.177.0/​27

+

108.168.180.96/​27

+

108.168.254.65/​32

+

108.168.255.224/​32

+

108.168.255.227/​32

+

158.85.0.96/​27

+

158.85.5.192/​27

+

158.85.46.128/​27

+

158.85.48.224/​27

+

158.85.58.0/​25

+

158.85.61.192/​27

+

158.85.224.160/​27

+

158.85.233.32/​27

+

158.85.249.128/​27

+

158.85.249.224/​27

+

158.85.254.64/​27

+

169.44.36.0/​25

+

169.44.57.64/​27

+

169.44.58.64/​27

+

169.44.80.0/​26

+

169.44.82.96/​27

+

169.44.82.128/​27

+

169.44.82.192/​26

+

169.44.83.0/​26

+

169.44.83.96/​27

+

169.45.71.32/​27

+

169.45.71.96/​27

+

169.45.87.128/​26

+

169.45.169.192/​27

+

169.45.182.96/​27

+

169.45.210.64/​27

+

169.45.214.224/​27

+

169.45.219.224/​27

+

169.45.237.192/​27

+

169.45.238.32/​27

+

169.53.29.128/​27

+

169.53.48.32/​27

+

169.53.71.224/​27

+

169.53.250.128/​26

+

169.53.252.64/​27

+

169.53.255.64/​27

+

169.54.2.160/​27

+

169.54.44.224/​27

+

169.54.51.32/​27

+

169.54.55.192/​27

+

169.54.193.160/​27

+

169.54.210.0/​27

+

169.54.222.128/​27

+

169.55.69.128/​26

+

169.55.74.32/​27

+

169.55.126.64/​26

+

169.55.210.96/​27

+

169.55.235.160/​27

+

173.192.162.32/​27

+

173.192.219.128/​27

+

173.192.222.160/​27

+

173.192.231.32/​27

+

173.193.205.0/​27

+

173.193.230.96/​27

+

173.193.230.128/​27

+

173.193.230.192/​27

+

173.193.239.0/​27

+

174.36.208.128/​27

+

174.36.210.32/​27

+

174.36.251.192/​27

+

174.37.199.192/​27

+

174.37.217.64/​27

+

174.37.231.64/​27

+

174.37.243.64/​27

+

174.37.251.0/​27

+

179.60.192.51/​32

+

179.60.193.51/​32

+

179.60.195.51/​32

+

184.173.136.64/​27

+

184.173.147.32/​27

+

184.173.161.64/​32

+

184.173.161.160/​27

+

184.173.173.116/​32

+

184.173.179.32/​27

+

185.60.216.53/​32

+

192.155.212.192/​27

+

198.11.193.182/​31

+

198.11.251.32/​27

+

198.23.80.0/​27

+

208.43.115.192/​27

+

208.43.117.79/​32

+

208.43.122.128/​27

+

172.217.28.0/​24

+

</​sxh>​

+

+

Now we need to create a file with the employees mobile phone ip addresses

+

<sxh bash>

+

vim /​etc/​firewall/​whatsapp_clients

+

# /​etc/​firewall/​whatsapp_clients

+

10.0.2.31

+

10.0.1.77

+

</​sxh>​

+

+

How let's create an simple script to process all that information and create the rules automatically when is necessary.